Factory Security: Don’t Be an Unintentional Shark

Entering a factory in this day and age is a bit like taking a dive into the ocean. There is a plethora of different ecosystems and constant movement. Both can be mind boggling when you view them for the first time.

Once you get past the vastness of the space, you immediately notice the periodic sync of all the actions taking place. Automated Guide vehicles (AGV) move back and forth in designated lanes. Fork lifts move materials, boxes, and containers all while making their presence known with a honk at every turn. Operators go to and from their cells, monitor their machinery and take note of each piece that comes off their line. Supervisors are in a constant state of exploration and gaze through their safety glasses while documenting current statuses on a mobile phone or tablet.

You sometimes forget to look up with all this action going on the factory floor. Beneath the high ceilings, you can see the large distribution of cables going to and from the plant, serving as a nervous system for the industrial habitat. Surrounding it are pods of wireless access points making sure every point on the factory floor can be connected where the cable can’t reach.

In the back, there is another habitat of boxes, where products are packaged and moved into containers. Shipping trucks line up day in and day out to move inventory. Labels are printed, codes are scanned and the movement never slows.

Shark Week is Every Week Now

In a deep-sea ecosystem, there are also warnings when danger is near. A predator like a shark emerges, and those that live within the habitat either flee or hide. For years, manufacturers had the luxury of not having to deal with predators. Their ecosystem was siloed away from predators with unconnected, proprietary machinery. The biggest threat was something breaking, or at worst a disgruntled employee doing something nefarious. However, factories are modernizing and becoming more connected. The modernization of the factory through connectivity has helped the manufacturing ecosystem to grow as more data and insights are driving better overall equipment effectiveness (OEE) and in turn driving more productivity. The downside to this is that every machine, connection point and person is now an unintentional shark in the ecosystem.

How does one become an unintentional shark? Simply connect to the network. Connecting to the network means anyone or anything can instantly become a predator by passing along malware, ransomware or simply not addressing systems with the most up-to-date software patches. That initial connection can quickly turn into a feeding frenzy. As a virus spawns, machines can shut down and operations can stop. There is a 1 in 11.5 million chance of getting bit by an actual shark, according to the University of Florida's International Shark Attack File (ISAF). Comparatively, in the Cisco 2017 Midyear Cybersecurity Report (MCR), 28% of manufacturing organizations reported a loss of revenue due to attack(s) in the past year. The average lost revenue was 14%. Surfing the ocean seems safer than surfing the Industrial Internet of Things (IIOT) in comparison.

The “blood in the water” of downtime also attracts a type of “loan” shark called ransomware. Recently, viruses such as WannaCry and Nyetya made their way into factories. The goal was to shut down the factories and money was demanded. Both of these viruses took out not only manufacturers, but also banking, shipping and oil operations. The result was shutdown of many operations and a lot of sunk costs.

So, while no one intends to be a shark in their operation, everyone has the potential to be a predator. The Cisco Midyear Cybersecurity Report noted that nearly 60% of manufacturing orgs report having fewer than 30 employees dedicated to security, while 25% consider a lack of trained personnel as a major obstacle in adopting advanced security processes and technology.

There are Better Options than Shark Repellent Spray

So how can manufacturers protect their ecosystem? First, it’s vital to know that your critical systems and operational priorities are defined. Hiding isn’t an option every time a threat emerges, so consider some cybersecurity best practices for your factory:

1. Have good backups. If you perform weekly backups, transition to daily; if you run daily backups, consider hourly or real-time coverage.

2. Cultivate a good disaster recovery plan. Test and update the plan regularly as your operation grows and changes.

3. Carry out security awareness training. Identify all the people, processes, and tools necessary to handle a critical disruption or event. Perform drills to test these plans on a regular basis.

4. Develop a comprehensive baseline of the applications, system images, information, and your normal running network performance to give visibility into any changes. These actions set a standard for detecting unusual activity.

5. Use standardized images of operating systems and desktops, to allow for easy re-imaging and recovery of infected infrastructure.

You probably remember the famous line from the 1975 movie Jaws, from Roy Scheider after seeing the shark up front: “You’re going to need a bigger boat.”

When it comes to the unintentional shark, manufacturers don’t need a bigger boat. What they need is careful focus, assessment, targeting and investment in resources to ensure a real monster doesn’t latch on to operations.

About the Author

Eric joined Cisco in 2016, taking responsibility for marketing in the manufacturing and energy vertical. Ehlers has worked in a series of industrial technology sectors, including manufacturing, utilities/smart grid, transportation, and oil and gas, where he cultivated commercial plans to support global marketing and sales operations and establish long-term growth. Eric holds a Communication degree from Appalachian State University, and a Masters of Communication Management from the University of Southern California.